The thing about malware attacks is they manifest suddenly. Unlike a decline in sales or a rising costs – a malware attack can be an immediate crisis.
Your systems may be locked up. Your data may be exfiltrated. Your systems could be even damaged or ruined.
If you’re unprepared, an attack can trigger panic and confusion. People unwittingly could wipe the very information needed to track down the criminals. Unnecessary – and expensive – delays in recovery could occur.
To reduce the risk of these issues, we recommend you create and rehearse a response plan. Key people come together to think about and talk through your organization’s response to a malware attack.
Security experts call these drills “Tabletop Exercises,” after the recommendations included in the NIST framework.
As with First Responders, a drill that forces everyone to focus on what’s needed helps you figure out where you made incorrect assumptions and omitted a crucial detail or key process. You should also consider hiring a detached, experienced facilitator to guide your planning.
If your organization has never done a Tabletop Exercise, you can learn more about this kind of Data Security Incident drill from our latest White Paper here.
And if you know your organization needs to come up with a plan but you don’t know where to start, or aren’t sure what to include, talk with us.
We are experienced in helping organizations refine their Security Incident Response Plans so a malware attack is just an incident – and not a full-blown disaster.